Domain validated or DV certificates are the most common type of SSL certificate. They are verified using only the domain name. Typically, the CA exchanges confirmation email with an address listed in the domain’s WHOIS record. Alternatively, the CA provides a verification file which the owner places on the website to be protected. Either method confirms that the domain is controlled by the party requesting the certificate.
Organization validated or OV certificates require more validation than DV certificates, but provide more trust. For this type, the CA will verify the actual business that is attempting to get the certificate (the information required for OV certificates). The organization’s name is also listed in the certificate, giving added trust that both the website and the company are reputable. OVs are usually used by corporations, governments and other entities that want to provide an extra layer of confidence to their visitors. Aside from SSL/TLS certificates, OV is also commonly used for code signing, document signing, client authentication, and S/MIME email certificates.
Extended validation or EV certificates provide the maximum amount of trust to visitors, and also require the most effort by the CA to validate. Per guidelines set by the CA/Browser Forum, extra documentation must be provided to issue an EV certificate (as described in EV SSL Requirements). As with OV, EV lists the company name in the certificate itself.
An EV code signing certificate is required to sign Windows 10 drivers and provides an instant SmartScreen reputation boost. If you’re not sure which code signing certificate you need, please read this FAQ.